Digital fingerprinting is a technique for tracing the distribution of multimedia content and protecting it from unauthorized manipulation. Unique identification information is embedded into each distributed copy of the signal. In a collusion attack, signals are combined to remove or distort the fingerprints. Audio signals are good candidates for fingerprinting, because of the forgiving nature of the human auditory system to cross-talk between channels.
A broad definition of a digital watermark is any signal that is added to a document in order to embed some information. The original digital watermark, (Tirkel A. Z., Rankin G. A., van Schyndel R. M., Ho W. J., Mee N. R. A., and Osborne C. F. 1993. Electronic Water Mark, DICTA 93, Macquarie University, p. 666-673), contained information about the owner of the document, or about the document itself. Since then, watermarks have been embedded and recovered from still images, video, audio and many other information carrying formats. Research into watermarking and the related field of information hiding (steganography) has been prolific, with the nature and application of watermarks diversifying dramatically. One important application is digital fingerprinting (Boneh D., Shaw J. 1998. Collusion-secure fingerprinting for digital data, IEEE Trans. on Information Theory, 44 (5), 1897-1905.), where the specific objective of the watermark is to identify a recipient of a document. This ability to trace the document from its originator results in an audit trail. One reason for the proliferation of watermarks/fingerprints is that the fingerprint should be matched to the nature of the document and the response characteristic of the recipient.
There are many different types of documents and many ways of processing and interpreting them, including compression, cropping and innocent or deliberate distortions. Also, as watermarking has gained acceptance, countermeasures have developed., Resistance to processing distortions and countermeasures has been a major focus of research into this area.
A fundamental difference between still image and audio watermarking is that an image is presented in parallel fashion—all pixels are available to the eye—whilst audio is presented serially to the ears. A digital audio fingerprint must be unobtrusive so that it does not distract the listener from the audio content and it is difficult for a potential attacker to detect in the electronic version. Kirovski D. 2005. Collusion of Fingerprints via the Gradient Attack, ISIT, 2280-2284 describes key requirements of fingerprints and the consequences of collusion attacks: “Imperceptiveness, robustness, and reliability are the key requirements for fingerprints. One major difference with respect to content screening is that the robustness requirement is significantly easier to satisfy—fingerprint detection is done in the presence of the original clip, not “blindly”.
A major problem for fingerprinting systems is known as a collusion attack. To launch such an attack, an adversarial clique of malicious users colludes their copies in order to create a copy which is statistically clean of any fingerprint traces (e.g., the original) or a copy that incriminates another innocent user. Collusion resistance for multimedia content is typically low. This deficiency restricts fingerprinting systems to small distribution lists. One of the most devastating problems for fingerprinting systems is surprisingly, successful identity theft. An adversary with a stolen identity can purchase a multimedia clip and then illegally distribute it, leaving multimedia studios without a target for legal action.
Collusion is usually the most effective effort to defeat fingerprinting schemes as opposed to other signal processing attacks that target removal or obfuscation of the embedded secret information. For example, while an estimation attack typically produces a pirated copy of inferior quality, the result of collusion is of equal or even better quality than the distributed content.
The adversary can typically have two types of goals: (i) removal of their fingerprints from the pirated copy and (ii) framing an innocent user. The latter attack is of particular importance because it governs the number of copies the copyright owner can distribute. Once innocent users can be, framed, the entire system is rendered dysfunctional.
Digital watermarks/fingerprints traditionally rely on patterns produced by random number generators based on digital techniques or physical processes. Whilst this is a simple process, one fundamental drawback is that the probability of two or more patterns being identical or almost identical is not zero. This shortcoming means that watermarks based on such patterns cannot be admissible as evidence beyond reasonable doubt and multiple patterns cannot be embedded in one file because of potential mutual interference. The latter restricts the information capacity of watermarks based on such patterns and precludes them from being used for fingerprinting and audit trails. Also, it renders a watermark based on such patterns vulnerable to collusion attack.
The reference to any prior art in this specification is not, and should not be taken as, an acknowledgement or any form of suggestion that the prior art forms part of the common general knowledge.